Chapter 3 System Analysis Failure Modes, Effects, And .

Transcription

Chapter 3
System Analysis
Failure Modes, Effects, and Criticality Analysis

Marvin Rausand
Department of Production and Quality Engineering
Norwegian University of Science and Technology
marvin.rausand@ntnu.no

Marvin Rausand, October 7, 2005
System Reliability Theory (2nd ed), Wiley, 2004 – 1 / 46

Introduction
  What is FMECA?
  FMECA – FMEA
  Background
  Purposes
  Basic questions
  Types of FMECA
  Two approaches
  FMECA standards
FMECA procedure
Worksheet prep.
Risk ranking
Corrective actions
Conclusions

What is FMECA?

Failure modes, effects, and criticality analysis (FMECA) is a methodology to identify and analyze:

- All potential failure modes of the various parts of a system
- The effects these failures may have on the system
- How to avoid the failures, and/or mitigate the effects of the failures on the system

FMECA is a technique used to identify, prioritize, and eliminate potential failures from the system, design or process before they reach the customer
– Omdahl (1988)

FMECA is a technique to “resolve potential problems in a system before they occur”
– SEMATECH (1992)

FMECA – FMEA

Initially, the FMECA was called FMEA (failure modes and effects analysis). The C in FMECA indicates that the criticality (or severity) of the various failure effects is considered and ranked.

Today, FMEA is often used as a synonym for FMECA. The distinction between the two terms has become blurred.

Background

- FMECA was one of the first systematic techniques for failure analysis
- FMECA was developed by the U.S. Military. The first guideline was Military Procedure MIL-P-1629 “Procedures for performing a failure mode, effects and criticality analysis” dated November 9, 1949
- FMECA is the most widely used reliability analysis technique in the initial stages of product/system development
- FMECA is usually performed during the conceptual and initial design phases of the system in order to assure that all potential failure modes have been considered and the proper provisions have been made to eliminate these failures

What can FMECA be used for?

- Assist in selecting design alternatives with high reliability and high safety potential during the early design phases
- Ensure that all conceivable failure modes and their effects on operational success of the system have been considered
- List potential failures and identify the severity of their effects
- Develop early criteria for test planning and requirements for test equipment
- Provide historical documentation for future reference to aid in analysis of field failures and consideration of design changes
- Provide a basis for maintenance planning
- Provide a basis for quantitative reliability and availability analyses

FMECA basic questions

- How can each part conceivably fail?
- What mechanisms might produce these modes of failure?
- What could the effects be if the failures did occur?
- Is the failure in the safe or unsafe direction?
- How is the failure detected?
- What inherent provisions are provided in the design to compensate for the failure?

When to perform an FMECA

The FMECA should be initiated as early in the design process as possible, where we are able to have the greatest impact on the equipment reliability. The locked-in cost versus the total cost of a product is illustrated in the figure:

[Figure: % locked-in costs and % total costs (both on a 0 to 100 scale) across the phases Concept/Feasibility, Design/Development, and Production/Operation. Annotations in the figure: 85%, 12%, 3%, Production (35%), Operation (50%). Source: SEMATECH (1992)]

Types of FMECA

- Design FMECA is carried out to eliminate failures during equipment design, taking into account all types of failures during the whole life-span of the equipment
- Process FMECA is focused on problems stemming from how the equipment is manufactured, maintained or operated
- System FMECA looks for potential problems and bottlenecks in larger processes, such as entire production lines

Two approaches to FMECA

- Bottom-up approach
  The bottom-up approach is used when a system concept has been decided. Each component on the lowest level of indenture is studied one-by-one. The bottom-up approach is also called hardware approach. The analysis is complete since all components are considered.

- Top-down approach
  The top-down approach is mainly used in an early design phase before the whole system structure is decided. The analysis is usually function oriented. The analysis starts with the main system functions, and how these may fail. Functional failures with significant effects are usually prioritized in the analysis. The analysis will not necessarily be complete. The top-down approach may also be used on an existing system to focus on problem areas.

FMECA standards

- MIL-STD 1629 “Procedures for performing a failure mode and effect analysis”
- IEC 60812 “Procedures for failure mode and effect analysis (FMEA)”
- BS 5760-5 “Guide to failure modes, effects and criticality analysis (FMEA and FMECA)”
- SAE ARP 5580 “Recommended failure modes and effects analysis (FMEA) practices for non-automobile applications”
- SAE J1739 “Potential Failure Mode and Effects Analysis in Design (Design FMEA) and Potential Failure Mode and Effects Analysis in Manufacturing and Assembly Processes (Process FMEA) and Effects Analysis for Machinery (Machinery FMEA)”
- SEMATECH (1992) “Failure Modes and Effects Analysis (FMEA): A Guide for Continuous Improvement for the Semiconductor Equipment Industry”

FMECA procedure

  Main steps
  Prerequisites
  System structure

FMECA main steps

1. FMECA prerequisites
2. System structure analysis
3. Failure analysis and preparation of FMECA worksheets
4. Team review
5. Corrective actions

FMECA prerequisites

1. Define the system to be analyzed
   (a) System boundaries (which parts should be included and which should not)
   (b) Main system missions and functions (incl. functional requirements)
   (c) Operational and environmental conditions to be considered
   Note: Interfaces that cross the design boundary should be included in the analysis
2. Collect available information that describes the system to be analyzed; including drawings, specifications, schematics, component lists, interface information, functional descriptions, and so on
3. Collect information about previous and similar designs from internal and external sources; including FRACAS data, interviews with design personnel, operations and maintenance personnel, component suppliers, and so on

System structure analysis

1. Divide the system into manageable units, typically functional elements. To what level of detail we should break down the system will depend on the objective of the analysis. It is often desirable to illustrate the structure by a hierarchical tree diagram:

[Figure: hierarchical tree diagram labelled “Level of indenture”. The System is divided into level 1 subsystems (Subsystem 1, Subsystem 2, more level 1 subsystems), these into level 2 subsystems (Subsystem 2.1, Subsystem 2.2, more level 2 subsystems), and these into components (Component 1.1.1, Component 1.1.2, Component 2.1.1, Component 2.1.2, more components).]

System structure analysis - (2)

In some applications it may be beneficial to illustrate the system by a functional block diagram (FBD) as illustrated in the following figure.

[Figure: functional block diagram inside a system boundary. Blocks and their functions:
  Control panel: Control and monitor the engine
  Electric start: Provide torque to start diesel engine
  Start batteries: Provide electric power
  Diesel tank: Provide diesel to the engine
  Diesel engine: Provide torque
  Battery charger: Load start batteries
  Air intake system: Provide air
  Lube oil system: Provide lube oil to diesel engine
  Exhaust system: Remove and clean exhaust]

System structure analysis - (3)

The analysis should be carried out at as high a level in the system hierarchy as possible. If unacceptable consequences are discovered on this level of resolution, then the particular element (subsystem, sub-subsystem, or component) should be divided into further detail to identify failure modes and failure causes on a lower level.

Starting at too low a level will give a complete analysis, but may at the same time be a waste of effort and money.
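The refinement rule above, worked through on a small breakdown as an added Python example (not part of the original slides): each element is judged at the highest level first and is subdivided only when its failure could have unacceptable consequences. The element names are taken from the functional block diagram; the system name, the grouping into subsystems and every acceptable/unacceptable judgement are constructed assumptions.

```python
from dataclasses import dataclass, field

@dataclass
class Element:
    """Node in the hierarchical breakdown: system, subsystem or component."""
    name: str
    # Analyst's judgement (constructed input): can a failure of this element
    # lead to an unacceptable system effect?
    unacceptable: bool = False
    children: list = field(default_factory=list)

def leaves(e):
    """Lowest-level components, i.e. what a bottom-up analysis studies."""
    return [e.name] if not e.children else [n for c in e.children for n in leaves(c)]

def refine(e, examine, screened_out):
    """Judge e at its own level; subdivide only if the effect is unacceptable."""
    if not e.unacceptable:
        screened_out.append(e.name)      # nothing below this element is visited
    elif e.children:
        for child in e.children:         # divide into further detail
            refine(child, examine, screened_out)
    else:
        examine.append(e.name)           # lowest level reached: examine further

def plan(system):
    """Start at the highest level below the system itself."""
    examine, screened_out = [], []
    for sub in system.children:
        refine(sub, examine, screened_out)
    return examine, screened_out

# Constructed breakdown: names from the block diagram, grouping and
# judgements assumed for illustration.
SYSTEM = Element("Diesel engine system", True, [
    Element("Starting system", True, [
        Element("Electric start", True), Element("Start batteries", True),
        Element("Battery charger", False)]),
    Element("Fuel supply", False, [Element("Diesel tank")]),
    Element("Engine auxiliaries", False, [
        Element("Air intake system"), Element("Lube oil system"),
        Element("Exhaust system")]),
])

if __name__ == "__main__":
    examine, screened = plan(SYSTEM)
    print("examine further:", examine)
    print("screened out:   ", screened)
    print("bottom-up would study", len(leaves(SYSTEM)), "components")
```

Components under a screened-out subsystem are never judged individually, which is why an analysis started at a high level is cheaper but not necessarily complete.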

Worksheet preparation

  Worksheet
  Frequency
  Severity

Preparation of FMECA worksheets

A suitable FMECA worksheet for the analysis has to be decided. In many cases the client (customer) will have requirements for the worksheet format, for example to fit into his maintenance management system. A sample FMECA worksheet covering the most relevant columns is given below.

[Worksheet: header fields System, Performed by, Ref. drawing no., Date, Page. Columns are numbered (1) to (12) and grouped under headings including “Description of unit”, “Description of failure” and “Effect of …”. Column labels that survive in the transcription: Ref. no (1), …use or mechanism, Detection of failure, On the subsystem, On …, Comments (12).]

Preparation of FMECA worksheets - (2)

For each system element (subsystem, component) the analyst must consider all the functions of the element in all its operational modes, and ask if any failure of the element may result in any unacceptable system effect. If the answer is no, then no further analysis of that element is necessary. If the answer is yes, then the element must be examined further.

We will now discuss the various columns in the FMECA worksheet on the previous slide.

1. In the first column a unique reference to an element (subsystem or component) is given. It may be a reference to an id. in a specific drawing, a so-called tag number, or the name of the element.
2. The functions of the element are listed. It is important to list all functions. A checklist may be useful to ensure that all functions are covered.

Preparation of FMECA worksheets - (3)

3. The various operational modes for the element are listed. Examples of operational modes are: idle, standby, and running. Operational modes for an airplane include, for example, taxi, t
